Bug#908796: udev (with sysvinit) fails to find devices at boot

Tue, 16 Oct 2018 13:27:33 -0700 

good job!

with cryptsetup the new patches are running fine

thank you to every one!

to Guilhem Moulin: I made a little patch because the socket permissions
seems to be wrong when --chuid is specified

ciao :)
>From 67d080cc7c195f1a34cb6a0dc7ac7a5d9dbad28d Mon Sep 17 00:00:00 2001
From: Trek <tre...@inbox.ru>
Date: Tue, 16 Oct 2018 21:45:42 +0200
Subject: [PATCH] Set the proper permissions to s-s-d notify socket and
 directory

If the --chuid parameter is specified, the notify socket is not
accessible by the client, because mkdtemp() creates a directory owned
by root with 0700 permission. Moreover fchown() on a socket does not
have effects, because a socket doesn't have an associated inode.

Change the directory owner to runas_uid and use chown() instead of
fchown() to change the socket owner. Drop unneeded fchmod().
---
 utils/start-stop-daemon.c | 14 ++++++--------
 1 file changed, 6 insertions(+), 8 deletions(-)

diff --git a/utils/start-stop-daemon.c b/utils/start-stop-daemon.c
index 476b31b..5f14931 100644
--- a/utils/start-stop-daemon.c
+++ b/utils/start-stop-daemon.c
@@ -548,6 +548,9 @@ setup_socket_name(const char *suffix)
 
 	atexit(cleanup_socket_dir);
 
+	if (chown(notify_sockdir, runas_uid, runas_gid))
+		fatal("cannot change socket directory ownership");
+
 	if (asprintf(&notify_socket, "%s/notify", notify_sockdir) < 0)
 		fatal("cannot allocate socket name");
 
@@ -578,7 +581,7 @@ create_notify_socket(void)
 	if (fcntl(fd, F_SETFD, flags | FD_CLOEXEC) < 0)
 		fatal("cannot set close-on-exec flag for notification socket");
 
-	sockname = setup_socket_name(".s-s-d-notify");
+	sockname = setup_socket_name("start-stop-daemon");
 
 	/* Bind to a socket in a temporary directory, selected based on
 	 * the platform. */
@@ -590,12 +593,7 @@ create_notify_socket(void)
 	if (rc < 0)
 		fatal("cannot bind to notification socket");
 
-	rc = fchmod(fd, 0660);
-	if (rc < 0)
-		fatal("cannot change notification socket permissions");
-
-	rc = fchown(fd, runas_uid, runas_gid);
-	if (rc < 0)
+	if (chown(su.sun_path, runas_uid, runas_gid))
 		fatal("cannot change notification socket ownership");
 
 	// XXX: verify we are talking to an expected child?? not sure whether
@@ -1446,7 +1444,7 @@ parse_options(int argc, char * const *argv)
 		badusage("--remove-pidfile requires --pidfile");
 
 	if (pid_str && pidfile)
-		badusage("need either --pid of --pidfile, not both");
+		badusage("need either --pid or --pidfile, not both");
 
 	if (background && action != ACTION_START)
 		badusage("--background is only relevant with --start");
-- 
2.1.4

Reply via email to